This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 48%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDC%3C/text%3E%3C/svg%3E)
I'm setting up Conditional Access. We want it setup to prompt for MFA on all websites when you aren't in a trusted location, (we have this setup), and bypass MFA when you are in a trusted location.
We have a specific website that we want to always prompt for MFA no matter the location that you are in. But I can't seem to find the correct set of settings to make this happen. What settings do I need to use (as well as what settings to I need to use for a new app registration) to make this work? This is a 3rd party website that I don't control, but the data on it is very sensitive, so we want to have MFA on it at all times.
What needs to be put for the new application as it's a third party site that I don't control?
You can assign Conditional Access and MFA for services and sites listed the Cloud apps and actions area. Check the picture.
If you have created an app then you can assign the Contional Access rules for it.
So, you can't directly require MFA for untrusted locations.
The source for picture.
https://learn.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-azure-mfa
